Updated SSL (markdown)

SSL.md

@@ -22,7 +22,12 @@
 
 ### Limitations
 
-At this time newer SSL technologies are not supported by mono and some browsers do not support the older technologies mono uses (for good reason), which means the steps below may not help you achieve SSL connectivity to Sonarr. A surefire way is to setup an nginx (or Apache) reverse proxy and use it for SSL offloading.
+There are two issues with mono and SSL:
+
+1. New ciphers aren't supported so some browsers block the connections by default (chrome and FF both do this)
+Mono doesn't support intermediate certificates, which results in a broken chain and the browsers end up requesting a client certificate
+
+2. The second issue can be mitigated by using a certificate chain that doesn't have an intermediate certificate, but most CAs use an intermediate certificate (at least the trusted public ones), which means it leaves you to a self signed certificate. The easiest solution for the time being is a reverse proxy with nginx or apache.
 
 ### Prerequisites
 
@@ -78,12 +83,3 @@ _If you're not running Sonarr on a Synology, skip these steps_
 
     openssl genrsa -out yourdomain.key 2048
     openssl req -new -x509 -key yourdomain.key -out yourdomain.cert -days 3650 -subj /CN=yourdomain
-
-
-## Important Notes Regarding Certificate Usage ##
-There are two issues with mono and SSL:
-
-1. New ciphers aren't supported so some browsers block the connections by default (chrome and FF both do this)
-Mono doesn't support intermediate certificates, which results in a broken chain and the browsers end up requesting a client certificate
-
-2. The second issue can be mitigated by using a certificate chain that doesn't have an intermediate certificate, but most CAs use an intermediate certificate (at least the trusted public ones), which means it leaves you to a self signed certificate. The easiest solution for the time being is a reverse proxy with nginx or apache.